Travel tip: Beware of airport wi-fi “honeypots”

Here’s a little reminder for those of you who will be traveling over Christmas and will be taking your laptop along to while away the hours in the terminal.

Beware of open wi-fi hotspots in the airport. That free hotspot may in reality be a “honeypot,” a trap designed to fool unsuspecting travelers into exposing their computers and data to hackers.

I was recently at New York’s JFK airport in the JetBlue terminal, where they have prominent signs offering free wi-fi, courtesy of the airline. But when I went to connect, I noticed that several options were available including one labeled “default” and another labeled “JetBlue free hotspot.” It turns out that the former was the actual free hotspot and the latter was the honeypot. (Of course, JetBlue could have averted some of this by actually renaming their router something useful like, say, “JetBlue free hotspot” instead of leaving the unhelpful “default” moniker it came out of the box with.)

What tipped me off was that the “JetBlue free hotspot” was labeled in my Mac OS X “Airport” (i.e. wi-fi) menu as a “Computer-to-Computer network.” On Windows I think this might be called an “Ad-hoc network”. Without getting into too many technical details, this means that someone has made their own computer appear to be a wi-fi router. If you connect to this network on an imperfectly protected Windows laptop, this hacker will have access to your data from his own computer. Even if you’re on a properly configured laptop, Windows or Mac, they’ll still be able to harvest any passwords or other data you attempt to send while trying to connect to web sites.

Seasoned business travelers probably know all this, but for all you casual holiday travelers: Forewarned is forearmed.

While this may be a real problem, people often accidentally set up computer-to-computer networks while trying to connect to wi-fi hotspots. They want to connect to the jetblue network, so they type into the box “jetblue network” or something like that, and since that network doesn’t exist, it makes a C2C network with the same name. So it’s possible the nefarious plotters are just people who don’t get how to use a wi-fi hotspot.

In airports(and any hotspot) you don’t set up honey pot networks to eavesdrop. You simply eavesdrop on the hotspot as the information “flying” (pardon the pun) through the air is not encrypted and even when it is its trivial to break into (as the key has to be given out)

Honeypots would be used for example if you wanted to see who would attempt to break into a network and to watch these attempts.

Moral of the story is don’t use hotspots unless you know how to secure your traffic.

At my office, I consistently see about four computer to computer networks with names like FreeWirelesshotspot. It’s strange because none of the networks serve up IP addresses so I don’t think they are phishing. Strange.